Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:484D6DEC-EFAF-46E7-ACF1-6CB13F63FC68
HistoryFeb 09, 2022 - 12:00 a.m.

CVE-2022-22536

2022-02-0900:00:00
attackerkb.com
23

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.958 High

EPSS

Percentile

99.2%

JSON

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim’s request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

Related

cisa_kev 1
checkpoint_advisories 1
prion 1
nessus 1
cve 1
nuclei 1
githubexploit 2
cisa 1
threatpost 2
trellix 2
malwarebytes 2
thn 1
avleonov 1
ics 1
cisa_kev
cisa_kev
SAP Multiple Products HTTP Request Smuggling Vulnerability
2022-08-18 00:00:00
checkpoint_advisories
checkpoint_advisories
SAP NetWeaver Application Server Remote Code Execution (CVE-2022-22536)
2022-02-17 00:00:00
prion
prion
Design/Logic Flaw
2022-02-09 23:15:00
nessus
nessus
SAP NetWeaver AS Desynchronization (ICMAD)
2022-02-09 00:00:00
cve
cve
CVE-2022-22536
2022-02-09 23:15:00
nuclei
nuclei
SAP Memory Pipes (MPI) Desynchronization
2022-02-25 17:59:02
githubexploit
githubexploit
Exploit for HTTP Request Smuggling in Sap Netweaver Application Server Abap
2022-02-15 09:22:19
Exploit for HTTP Request Smuggling in Sap Content Server
2022-04-02 16:12:56
cisa
cisa
Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)
2022-02-08 00:00:00
threatpost
threatpost
SAP Patches Severe β€˜ICMAD’ Bugs
2022-02-10 16:39:04
SAP to Give Threat Briefing on Uber-Severe β€˜ICMAD’ Bugs
2022-02-10 16:39:04
trellix
trellix
The Bug Report - February 2022 Edition
2022-03-02 00:00:00
The Bug Report - February 2022 Edition
2022-03-02 00:00:00
malwarebytes
malwarebytes
SAP customers are urged to patch critical vulnerabilities in multiple products
2022-02-10 08:58:36
CISA wants you to patch these actively exploited vulnerabilities before September 8
2022-08-22 15:00:00
thn
thn
CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog
2022-08-20 14:19:00
avleonov
avleonov
August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper
2023-08-30 16:15:31
ics
ics
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.958 High

EPSS

Percentile

99.2%

JSON
Related for AKB:484D6DEC-EFAF-46E7-ACF1-6CB13F63FC68
cisa_kev1checkpoint_advisories1prion1nessus1cve1nuclei1githubexploit2cisa1threatpost2trellix2malwarebytes2thn1avleonov1ics1